| OLD | NEW |
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_HTTP_HTTP_AUTH_H_ | 5 #ifndef NET_HTTP_HTTP_AUTH_H_ |
| 6 #define NET_HTTP_HTTP_AUTH_H_ | 6 #define NET_HTTP_HTTP_AUTH_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <set> | 9 #include <set> |
| 10 #include <string> | 10 #include <string> |
| (...skipping 62 matching lines...) |
| 73 | 73 |
| 74 // The identity was provided by RestartWithAuth -- it likely | 74 // The identity was provided by RestartWithAuth -- it likely |
| 75 // came from a prompt (or maybe the password manager). | 75 // came from a prompt (or maybe the password manager). |
| 76 IDENT_SRC_EXTERNAL, | 76 IDENT_SRC_EXTERNAL, |
| 77 | 77 |
| 78 // The identity used the default credentials for the computer, | 78 // The identity used the default credentials for the computer, |
| 79 // on schemes that support single sign-on. | 79 // on schemes that support single sign-on. |
| 80 IDENT_SRC_DEFAULT_CREDENTIALS, | 80 IDENT_SRC_DEFAULT_CREDENTIALS, |
| 81 }; | 81 }; |
| 82 | 82 |
| 83 enum Scheme { |
| 84 AUTH_SCHEME_BASIC = 0, |
| 85 AUTH_SCHEME_DIGEST, |
| 86 AUTH_SCHEME_NTLM, |
| 87 AUTH_SCHEME_NEGOTIATE, |
| 88 AUTH_SCHEME_MOCK, |
| 89 AUTH_SCHEME_MAX, |
| 90 }; |
| 91 |
| 83 // Helper structure used by HttpNetworkTransaction to track | 92 // Helper structure used by HttpNetworkTransaction to track |
| 84 // the current identity being used for authorization. | 93 // the current identity being used for authorization. |
| 85 struct Identity { | 94 struct Identity { |
| 86 Identity(); | 95 Identity(); |
| 87 | 96 |
| 88 IdentitySource source; | 97 IdentitySource source; |
| 89 bool invalid; | 98 bool invalid; |
| 90 string16 username; | 99 string16 username; |
| 91 string16 password; | 100 string16 password; |
| 92 }; | 101 }; |
| 93 | 102 |
| 94 // Get the name of the header containing the auth challenge | 103 // Get the name of the header containing the auth challenge |
| 95 // (either WWW-Authenticate or Proxy-Authenticate). | 104 // (either WWW-Authenticate or Proxy-Authenticate). |
| 96 static std::string GetChallengeHeaderName(Target target); | 105 static std::string GetChallengeHeaderName(Target target); |
| 97 | 106 |
| 98 // Get the name of the header where the credentials go | 107 // Get the name of the header where the credentials go |
| 99 // (either Authorization or Proxy-Authorization). | 108 // (either Authorization or Proxy-Authorization). |
| 100 static std::string GetAuthorizationHeaderName(Target target); | 109 static std::string GetAuthorizationHeaderName(Target target); |
| 101 | 110 |
| 102 // Returns a string representation of a Target value that can be used in log | 111 // Returns a string representation of a Target value that can be used in log |
| 103 // messages. | 112 // messages. |
| 104 static std::string GetAuthTargetString(Target target); | 113 static std::string GetAuthTargetString(Target target); |
| 105 | 114 |
| 115 // Returns a string representation of an authentication Scheme. |
| 116 static const char* SchemeToString(Scheme scheme); |
| 117 |
| 106 // Iterate through the challenge headers, and pick the best one that | 118 // Iterate through the challenge headers, and pick the best one that |
| 107 // we support. Obtains the implementation class for handling the challenge, | 119 // we support. Obtains the implementation class for handling the challenge, |
| 108 // and passes it back in |*handler|. If no supported challenge was found, | 120 // and passes it back in |*handler|. If no supported challenge was found, |
| 109 // |*handler| is set to NULL. | 121 // |*handler| is set to NULL. |
| 110 // | 122 // |
| 111 // |disabled_schemes| is the set of schemes that we should not use. | 123 // |disabled_schemes| is the set of schemes that we should not use. |
| 112 // | 124 // |
| 113 // |origin| is used by the NTLM and Negotiation authentication scheme to | 125 // |origin| is used by the NTLM and Negotiation authentication scheme to |
| 114 // construct the service principal name. It is ignored by other schemes. | 126 // construct the service principal name. It is ignored by other schemes. |
| 115 static void ChooseBestChallenge( | 127 static void ChooseBestChallenge( |
| 116 HttpAuthHandlerFactory* http_auth_handler_factory, | 128 HttpAuthHandlerFactory* http_auth_handler_factory, |
| 117 const HttpResponseHeaders* headers, | 129 const HttpResponseHeaders* headers, |
| 118 Target target, | 130 Target target, |
| 119 const GURL& origin, | 131 const GURL& origin, |
| 120 const std::set<std::string>& disabled_schemes, | 132 const std::set<Scheme>& disabled_schemes, |
| 121 const BoundNetLog& net_log, | 133 const BoundNetLog& net_log, |
| 122 scoped_ptr<HttpAuthHandler>* handler); | 134 scoped_ptr<HttpAuthHandler>* handler); |
| 123 | 135 |
| 124 // Handle a 401/407 response from a server/proxy after a previous | 136 // Handle a 401/407 response from a server/proxy after a previous |
| 125 // authentication attempt. For connection-based authentication schemes, the | 137 // authentication attempt. For connection-based authentication schemes, the |
| 126 // new response may be another round in a multi-round authentication sequence. | 138 // new response may be another round in a multi-round authentication sequence. |
| 127 // For request-based schemes, a 401/407 response is typically treated like a | 139 // For request-based schemes, a 401/407 response is typically treated like a |
| 128 // rejection of the previous challenge, except in the Digest case when a | 140 // rejection of the previous challenge, except in the Digest case when a |
| 129 // "stale" attribute is present. | 141 // "stale" attribute is present. |
| 130 // | 142 // |
| 131 // |handler| must be non-NULL, and is the HttpAuthHandler from the previous | 143 // |handler| must be non-NULL, and is the HttpAuthHandler from the previous |
| 132 // authentication round. | 144 // authentication round. |
| 133 // | 145 // |
| 134 // |headers| must be non-NULL and contain the new HTTP response. | 146 // |headers| must be non-NULL and contain the new HTTP response. |
| 135 // | 147 // |
| 136 // |target| specifies whether the authentication challenge response came | 148 // |target| specifies whether the authentication challenge response came |
| 137 // from a server or a proxy. | 149 // from a server or a proxy. |
| 138 // | 150 // |
| 139 // |disabled_schemes| are the authentication schemes to ignore. | 151 // |disabled_schemes| are the authentication schemes to ignore. |
| 140 // | 152 // |
| 141 // |challenge_used| is the text of the authentication challenge used in | 153 // |challenge_used| is the text of the authentication challenge used in |
| 142 // support of the returned AuthorizationResult. If no headers were used for | 154 // support of the returned AuthorizationResult. If no headers were used for |
| 143 // the result (for example, all headers have unknown authentication schemes), | 155 // the result (for example, all headers have unknown authentication schemes), |
| 144 // the value is cleared. | 156 // the value is cleared. |
| 145 static AuthorizationResult HandleChallengeResponse( | 157 static AuthorizationResult HandleChallengeResponse( |
| 146 HttpAuthHandler* handler, | 158 HttpAuthHandler* handler, |
| 147 const HttpResponseHeaders* headers, | 159 const HttpResponseHeaders* headers, |
| 148 Target target, | 160 Target target, |
| 149 const std::set<std::string>& disabled_schemes, | 161 const std::set<Scheme>& disabled_schemes, |
| 150 std::string* challenge_used); | 162 std::string* challenge_used); |
| 151 | 163 |
| 152 // Breaks up a challenge string into the the auth scheme and parameter list, | 164 // Breaks up a challenge string into the the auth scheme and parameter list, |
| 153 // according to RFC 2617 Sec 1.2: | 165 // according to RFC 2617 Sec 1.2: |
| 154 // challenge = auth-scheme 1*SP 1#auth-param | 166 // challenge = auth-scheme 1*SP 1#auth-param |
| 155 // | 167 // |
| 156 // Depending on the challenge scheme, it may be appropriate to interpret the | 168 // Depending on the challenge scheme, it may be appropriate to interpret the |
| 157 // parameters as either a base-64 encoded string or a comma-delimited list | 169 // parameters as either a base-64 encoded string or a comma-delimited list |
| 158 // of name-value pairs. param_pairs() and base64_param() methods are provided | 170 // of name-value pairs. param_pairs() and base64_param() methods are provided |
| 159 // to support either usage. | 171 // to support either usage. |
| (...skipping 36 matching lines...) |
| 196 std::string::const_iterator scheme_end_; | 208 std::string::const_iterator scheme_end_; |
| 197 | 209 |
| 198 std::string::const_iterator params_begin_; | 210 std::string::const_iterator params_begin_; |
| 199 std::string::const_iterator params_end_; | 211 std::string::const_iterator params_end_; |
| 200 }; | 212 }; |
| 201 }; | 213 }; |
| 202 | 214 |
| 203 } // namespace net | 215 } // namespace net |
| 204 | 216 |
| 205 #endif // NET_HTTP_HTTP_AUTH_H_ | 217 #endif // NET_HTTP_HTTP_AUTH_H_ |
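Review bot: `SchemeToString` (new line 116) does not say what it returns for `AUTH_SCHEME_MAX` or for a value outside the enum, and `AUTH_SCHEME_MAX` (new line 89) has no comment marking it as a count rather than a scheme. Because `disabled_schemes` is now `std::set<Scheme>` in both `ChooseBestChallenge` and `HandleChallengeResponse`, the type no longer stops a caller from inserting the sentinel or an unchecked integer cast, and the implementation, which is not visible here, presumably maps the value to a name table. I would add `// Number of schemes; not a valid scheme. Keep last.` above `AUTH_SCHEME_MAX`, and extend the declaration comment to `// Returns a static string naming |scheme|; |scheme| must be less than AUTH_SCHEME_MAX.`, with a range check in the .cc file. The `|disabled_schemes|` comments should also say how a challenge's scheme token is mapped to a `Scheme` before the set is consulted. That mapping now decides whether a disabled scheme is actually skipped, and the enum has no value for an unrecognised scheme.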
| OLD | NEW |